Prerequisites

To use the Server Automation middleware Fixlets, you must create packages containing the specific version of the software that you are deploying. You create the packages in the Manage Software Distribution dashboard in BigFix. This allows the Fixlets to access the software that you are deploying. You must also configure the BigFix server to allow dynamic downloads. You need access to the Systems Lifecycle domain and the Software Distribution site.

For each Fixlet, you must create a corresponding package for the middleware component that you want to deploy and add it to the Manage Software Distribution dashboard in BigFix. Then when you are running the Fixlet, you specify the URL for the package that you created. The Fixlet can then download the package and deploy the contents.

Important: When you are creating packages and adding them to the Manage Software Distribution dashboard, you need to extract the contents of ZIP files before you upload them to the Manage Software Distribution dashboard. If you upload ZIP files without first extracting the contents, the Fixlets are unable to deploy the middleware correctly.

Important: When uploading binary files the Manage Software Distribution dashboard, remove any hyphens or special characters from the binary name. Only the following characters work correctly when uploading packages to the Manage Software Distribution dashboard:

Uppercase or lowercase letters from a to z.
Numerical values from 0 to 9.
Underscore _
Period .

If you include hyphens or any other multi-byte characters other than those listed above, the file name of the uploaded package is renamed to its sha 1 value and the download does not work. Only single byte characters work correctly.

For each file to be downloaded in BigFix, there are three required fields.

URL: The URL from which the file can be downloaded. This is generally http, https, or ftp.
SHA-1: The SHA-1 is a generated checksum to ensure that the downloaded file is correct.
Note:
BigFix V9.5 supports the SHA-256 algorithm. Depending on the configuration you have set for the SHA algorithm in BigFix V9.5, the Server Automation middleware Tasks show different options. If you have enabled SHA-256 in BigFix V9.5, you must use SHA-256 in the Server Automation middleware Tasks. If you have not enabled SHA-256 in BigFix V9.5, you can use SHA-1 in the Server Automation middleware Tasks.
Size: The size of the file in bytes is used with the SHA-1 to validate the file is correct.

You can use the Manage Software Distribution dashboard to download the required files. When the files are downloaded, select the correct binary file from the Select a binary file list in the Fixlet description to populate the URL, SHA-1, and Size fields. To use the Manage Software Distribution function, you must configure the BigFix server for dynamic downloads.

Note: For binary files larger than 2 GB, you might experience issues. Ensure that these files are successfully archived in the Manage Software Distribution dashboard. Large files might display in the Fixlet Select a binary file list even if they are not fully uploaded.

Manage Software Distribution dashboard

You can download the required files to the BigFix Server Uploads directory, by clicking Manage Software Distribution in the middleware Fixlet Description tab. Specific instructions about how to do this are included in the Description tab of each Fixlet. The Manage Software Distribution dashboard is part of the Systems Lifecycle domain and the Software Distribution site. To use the Manage Software Distribution dashboard, you must acquire the Software Distribution site. For information about setting up the Manage Software Distribution dashboard, see Software Distribution dashboards Setup.

To download the required files, you must create a package and add one or more files to the package. For information about creating a Software Distributions package and adding files to packages, see Managing Packages.

Configuring the system for dynamic downloads

The DownloadWhitelist.txt file specifies all of the formats that are allowed for dynamically downloaded files. If your system contains an empty or nonexistent whitelist file, all dynamic downloads fail.

The DownloadWhitelist.txt file is on the BigFix server in the following directory:

On Windows systems:: C:\Program Files (x86)\BigFix Enterprise\BES Server\Mirror Server\Config
On Linux systems:: /var/opt/BESServer/Mirror Server/config

To configure the DownloadWhitelist.txt file, complete the following steps:

If it does not exist, create the DownloadWhitelist.txt file in specified directory on the BigFix server.
Specify the formats that you want to enable for dynamic downloading. For example, the following contents in the DownloadWhitelist.txt file specify BigFix server locations or external locations:
```
http://127.0.0.1:52311/.*
http://software\.bigfix\.com/.*
http://127.0.0.1:52311/bfmirror/downloads/ScriptManifest.lst
```
The .* entries allow all files to be downloaded. This is a potential security concern and you might choose not to use this option.
Save the DownloadWhitelist.txt file.

Important: This does not affect static downloading, for example, if you specify a full path name to a file.

For more information about static and dynamic downloading, see the Actions Guide and search for dynamic downloads.